Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 10 Dec 2008 15:51:47 +0100 (CET)
From:      Pieter Donche <Pieter.Donche@ua.ac.be>
To:        "mail.list freebsd-questions" <freebsd-questions@freebsd.org>
Subject:   omshell how to use 
Message-ID:  <Pine.GSO.4.63.0812101534260.5421@hmacs.cmi.ua.ac.be>
In-Reply-To: <20081209185837.GA71505@marvin.optimis.net>
References:  <Pine.GSO.4.63.0812091752270.19005@hmacs.cmi.ua.ac.be> <20081209185837.GA71505@marvin.optimis.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
To use omshell for changing dhcpd.conf, one needs to use a TSIG key.

Did the following:
# dnssec-keygen -a HMAC-MD5 -b 512 -n HOST omapi_key
responded with:
Komapi_key.+157+18443

and created the files:
-rw-------   1 root   admin    118 Dec 10 15:42 Komapi_key.+157+18443.key
-rw-------   1 root   admin    156 Dec 10 15:42 Komapi_key.+157+18443.private

# cat Komapi_key.+157+18443.private
Private-key-format: v1.2
Algorithm: 157 (HMAC_MD5)
Key: Tq4+Idv4lCBt/zOyXIzZAxYhP3xcsUECEQVXWpTxIfTISCh4B0jwlYWxQs1FfiUYWVNSdTbu1bM0ZzxdIhj0sQ==
Bits: AAA=

# vi /usr/local/etc/dhcpd.conf
and added the statements

key omapi_key {
algorithm HMAC-MD5;
secret "Tq4+Idv4lCBt/zOyXIzZAxYhP3xcsUECEQVXWpTxIfTISCh4B0jwlYWxQs1FfiUYWVNSdTbu1bM0ZzxdIhj0sQ==";
};
omapi-key omapi_key;

Then I started dhcpd,  but it immediatly complains :
Starting dhcpd
...
/usr/local/etc/dhcpd.conf: line 10: invalid base 64 character 10
secret "Tq4+Idv4lCBt/zOyXIzZAxYhP3xcsUECEQVXWpTxIfTISCh4B0jwlYWxQs1FfiUYWVNSdTbu
1bM0ZzxdIhj0sQ==";
        ^
/usr/local/etc/dhcpd.conf: line 12: Expecting a parameter or declaration

What exactly does one have to specify on the 'secret' line ??
The manual for omshell or dnssec-keygen don't have examples...

Please a real life example with all the relevant information ...


> The command-line tool you're looking for is omshell.  If you want
> something different, then you're looking at implementing a wrapper
> script or program of your own design.
>
> Never had the need to use omshell, but the following random Google
> search result looks appropriate for what you're trying to do:
>
> <http://blog.nominet.org.uk/tech/2005/12/21/using-omapi-object-management-application-programming-interface/>;
>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.63.0812101534260.5421>